The week's pick
Reseach Article
A survey of DDoS Service Attacks in Collaborative Intrusion Detection System
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 1 - Number 25 |
| Year of Publication: 2010 |
| Authors: J.Manikandan, S.Vijayaragavan, R.Madhavi |
10.5120/458-762
|
J.Manikandan, S.Vijayaragavan, R.Madhavi . A survey of DDoS Service Attacks in Collaborative Intrusion Detection System. International Journal of Computer Applications. 1, 25 ( February 2010), 50-56. DOI=10.5120/458-762
Abstract
A DDoS (Distributed Denial-of-Service) attack is a distributed large-scale attempt by malicious users to flood the victim network with an enormous number of packets. This exhausts the victim network of resources such as bandwidth, computing power, etc., the victim is unable to provide services to its legitimate clients and network performance is greatly deteriorated. There are many proposed methods in the literature which aim to alleviate this problem; such as hop-count filtering, rate-limiting and statistical filtering. However, most of these solutions are meant for the wired Internet and there is little research efforts on mechanisms against DDoS attacks in wireless networks such as MANETs, IDS and ICMP. In this paper, we study the vulnerability of MANETs to DDoS flooding attacks and provide an overview of the commonly used security mechanism against DDoS attacks in wireless networks. The defense schemes proposed are statistical filtering, detection of RTS/CTS packets, signal interference frequency and retransmission time and response stage with ECN marking mechanism.
References
- L. Zhou and Z. J. Haas, Securing Ad Hoc Networks, IEEE Network Magazine, Special Issue on Network Security, Vol. 13, No. 6, 1999.
- Y. Zhang and. W. Lee, Intrusion Detection in. Wireless Ad Hoc Networks, Proceedings of the 6th International Conference on Mobile Computing and Networking, Boston, Massachusetts, United States, 2000.
- V. Gupta, S. Krishnamurthy and M. Faloutsos, Denial of Service Attacks at the MAC Layer in Wireless Ad Hoc Networks, Proceedings of the Military Communications. Conference (MICOM 2002), California, Oct 2002.
- B. Bencsath and I. Vajda, Protection Against DDoS Attacks Based On Traffic Level Measurements, Y. Kim, W. Lau, M. Chuah and J. Chao, PacketScore: Statistical-based Overload Control against Distributed Denial-of-Service Attacks, Proceedings of the. 23rd Conference of the IEEE Communications Society (INFOCOM 2004), Hong Kong, Mar 7-11; 2004.
- Q. Li, E-C. Chang and M. C. Chan, On the Effectiveness of DDoS Attacks on Statistical Filtering,
- C. Patrikakis, M. Masikos and O. Zouraraki, Distributed Denial of Service Attacks, The Internet Protocol Journal, Vol. 7, No. 4, Dec 2004.
- J. Mirkovic and P. Reiher, A Taxonomy of DDoS Attack and DDoS Defense Mechanisms, ACM Sigcomm Computer Communications Review, Vol. 34, No. 2, Apr 2004.
- L. Bajaj, M. Tekai, R. Ahuja, K. Tang, R. Bagrodia and M. Gerla, GloMoSim: A Scalable Network Simulation Environment, UCLA Computer Science Department Technical Report 990027, 1999.
- C. E. Perkins, E. M. Belding-Royer and L Chakeres, Ad Hoc On Demand Distance Vector (AODV) Routing, IETF RFC 3561, Jul 2003.
- Z. J. Haas and M. R. Pearlman, Determining the Optimal Configuration for the Zone Routing Protocol, IEEE JSAC, Special Issue on Ad-Hoc Networks, Vol. 17, No. 8, Aug 1999.
- M. Jiang, J. Li and Y. C. Tay, Cluster Based Routing Protocol (CBRP), Internet Draft, draft¬ ietf-manet-cbrpspec-Ol.txt, Aug 1999.
Index Terms
Keywords